CVE-2022-49729

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvlplaydeferred Similar to the handling of playdeferred in commit 19cfe912c37b "Bluetooth: btusb: Fix memory leak in playdeferred", we thought a patch might be needed here as well. Currently...

CVE-2022-49443 list: fix a data-race around ep->rdllist

In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held and checks if ep-rdllist is empty by listemptycareful, which reads rdllist-prev. Thus all accesses to it need some protection to avoid...

SUSE-SU-2025:20128-1 Security update for vim

This update for vim fixes the following issues: vim was updated to 9.1.1101: - CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 - CVE-2024-43790: Fixed Out of bounds read when performing a search command bsc1229685 - CVE-2024-43802: Fixed heap-buffer-overflow in instypebuf bsc1229822 -...

GHSA-QRW2-26CV-CW2P vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-3VPX-4FR4-H263 vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-W54G-4CW9-C665 vulnerabilities

Vulnerabilities for packages: mysql...

[SECURITY] Fedora 40 Update: vim-9.1.1122-1.fc40

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...

SUSE-SU-2025:0546-1 Security update golang-github-prometheus-prometheus

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 jscPED-11649: - Security issues fixed: CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling bsc1232970 - Highlights of other changes: Performance: + Significant enhancements to PromQL execution...

nodejs:20 security update

nodejs 1:20.18.2-1 - Update to version 20.18.2 Fixes: CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76001 RHEL-76146 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to...

SUSE: Security Advisory (SUSE-SU-2024:1321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

February 11, 2025—Hotpatch KB5052105 (OS Build 26100.3107)

February 11, 2025—Hotpatch KB5052105 OS Build 26100.3107 Note: Windows Server 2025 Datacenter & Standard machines that are connected to Azure Arc, now have the option to subscribe to hotpatch servicing. Hotpatch provides the ability to install OS security updates without restarting your machine...

February 11, 2025—KB5052042 (Monthly Rollup)

February 11, 2025—KB5052042 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...

February 11, 2025—Hotpatch KB5052106 (OS Build 20348.3148)

February 11, 2025—Hotpatch KB5052106 OS Build 20348.3148 Improvements and fixes This security update includes quality improvements. Below is a summary of the key issues that this update addresses when you install this KB. If there are new features, it lists them as well. The bold text within the...

Azure File Sync Agent v20 Release – February 2025

Azure File Sync Agent v20 Release – February 2025 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v20 release that is dated February 2025. Additionally, this article contains installation instructions for this release. Improvements and issues that ar...

Hotfix XS82ECU1082 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1 and is only available to customers on theCustomer Success Servicesprogram. Note: Citrix Hypervisor 8.2 Cumulative Update 1 reaches end of life on Jun 25, 2025. Upgrade toXenServer...

Metasploit Weekly Wrap-Up 02/07/2025

Gathering data and improving workflows This week's release includes 2 new auxiliary modules targeting Argus Surveillance DVR and Ivanti Connect Secure. The former, contributed by Maxwell Francis, and based on the work of John Page, can be used to retrieve arbitrary files on the target's filesyste...

SUSE-SU-2025:0058-1 Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.98 - Fixed CVEs: + CVE-2024-54677: DoS in examples web application bsc1234664 + CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation bsc1234663 + CVE-2024-52317: Request/response mix-up with HTTP/2 bsc1233435 - Catalina...

SUSE-SU-2025:0033-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.34 - Fixed CVEs: + CVE-2024-54677: DoS in examples web application bsc1234664 + CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation bsc1234663 + CVE-2024-52317: Request/response mix-up with HTTP/2 bsc1233435 +...